Introduction

This documentation contains all Identity and Authentication related endpoints that can be called from your web application server.

Get tokens

Authorization Code

This is the OAuth 2.0 grant that web apps utilize in order to access an API. Use this endpoint to exchange an Authorization Code for a Token.

Arguments
  • grant_type

    required string

    Must be set to authorization_code.

  • client_id

    required string

    Your client ID.

  • client_secret

    string

    Your client Secret. Required if your Client’s authorization method is Post.

  • code

    required string

    The authorization code received from the initial authorization call.

  • redirect_uri

    required string

    The redirect_uri parameter value included in the authorization request.

Returns

Definition
POST /oauth/token
Example Request
POST /oauth/token HTTP/1.1
Host: https://YOUR_DOMAIN
Content-Type: application/json

{
  "grant_type": "authorization_code",
  "client_id": "slNIt...yKzQM",
  "client_secret": "dYEa3...3z2m2",
  "code": "XpcgV...5sSY5",
  "redirect_uri": "https://example.com/callback"
}
Example Response
{
  "access_token": "tb37Sz...h3eh6q",
  "id_token": "eEoQAi...yJ04ae",
  "refresh_token": "djnxBN...eXbEbL",
  "token_type": "Bearer",
  "expires_in": 86400
}

Refresh Token

Use this endpoint to refresh an Access Token using the Refresh Token you got during authorization.

Arguments
  • grant_type

    required string

    Must be set to refresh_token.

  • client_id

    required string

    Your client ID.

  • client_secret

    string

    Your client Secret. Required if your Client’s authorization method is Post.

  • refresh_token

    required string

    The Refresh Token.

Returns

Definition
POST /oauth/token
Example Request
POST /oauth/token HTTP/1.1
Host: https://YOUR_DOMAIN
Content-Type: application/json

{
  "grant_type": "refresh_token",
  "client_id": "slNIt...yKzQM",
  "client_secret": "dYEa3...3z2m2",
  "refresh_token": "XpcgV...5sSY5"
}
Example Response
{
  "access_token": "tb37Sz...h3eh6q",
  "refresh_token": "djnxBN...eXbEbL",
  "id_token": "eEoQAi...yJ04ae",
  "token_type": "Bearer",
  "expires_in": 86400
}

User profile

Get user profile

Retrieve user's profile.

Arguments
  • fields

    string

    User’s fields to retrieve in the response. Defaults to id,name,email.

Returns

The user's profile

Definition
GET /identity/v1/me
Example Request
GET /identity/v1/me?fields=id,given_name,family_name,email,birthdate HTTP/1.1
Host: https://YOUR_DOMAIN
Authorization: Bearer eyJ0eXAiOiJKV1QiL...
Example Response
{
  "id": "AVqvOB58Fg6nZfQ0ZqXt",
  "given_name": "John",
  "family_name": "Doe",
  "email": "john.doe@exemple.com",
  "birthdate": "1983-11-13"
}

Update user profile

Update user's profile.

Arguments
  • fields

    string

    User’s fields to retrieve in the response. Defaults to id,name,email.

Returns

The user's profile

Remarks

  • email and password fields are not modifiable with this endpoint, expect for a new user without email (generally when not provided by the social provider).

  • phone_number field is not modifiable if sms verification code is enabled on the account settings.

Definition
POST /identity/v1/update-profile
Example Request
POST /identity/v1/update-profile HTTP/1.1
Host: https://YOUR_DOMAIN
Authorization: Bearer eyJ0eXAiOiJKV1QiL...

{
  "birthdate": "1981-10-13"
}
Example Response
{
  "id": "AVqvOB58Fg6nZfQ0ZqXt",
  "name": "John Doe",
  "email": "john.doe@example.com"
}

Lite Registration

Push lite profile

Pushes lite profile.

Returns

Definition
POST /identity/v1/lite-registration
Example Request
POST /identity/v1/lite-registration HTTP/1.1
Host: https://YOUR_DOMAIN

{
  "email": "bruce.wayne@wayne.com",
  "birthdate": "1981-10-13",
  "nickname": "Batman"
}
Example Response
{
  "id": "AVqvOB58Fg6nZfQ0ZqXt"
}

Lite profile object

Attributes
  • email

    string

    User's primary email address.

  • phone_number

    string

    User's primary telephone number.

  • name

    string

    User's full name.

  • given_name

    string

    Given name(s) or first name(s).

  • family_name

    string

    Surname(s) or last name(s).

  • middle_name

    string

    Middle name(s).

  • nickname

    string

    Casual name that may or may not be the same as the given_name.

  • gender

    string

    Allowed values are female, male, or other.

  • birthdate

    date

    User's birthday, represented as an ISO 8601 YYYY-MM-DD format.

  • picture

    string

    URL of one of the user's profile picture. This URL refers to an image file (for example, a PNG, JPEG, or GIF image file).

  • company

    string

    User's company name.

  • addresses

    array of object

    User's postal addresses.

    Show child attributes
  • custom_fields

    object

    Object containing custom fields for the user.

  • consents

    object

    User's consents.

    Show child attributes
Example
{
  "email": "john.doe@example.com",
  "name": "John Doe",
  "given_name": "John",
  "family_name": "Doe",
  "nickname": "Johnny",
  "birthdate": "1983-11-13",
  "gender": "male",
  "phone_number": "+33612345678",
  "phone_number_verified": false,
  "picture": "https://graph.facebook.com/10154500298019865/picture",
  "profile": "https://www.facebook.com/app_scoped_user_id/10154500298019865/",
  "addresses": [
    {
      "street_address": "10 rue Chaptal",
      "locality": "Paris",
      "postal_code": "75009",
      "region": "Île-de-France",
      "country": "France"
    }
  ],
  "custom_fields": {
    "loyalty_card_number": "19872359235"
  },
  "consents": {
    "newsletter": {
      "granted": true,
      "consentType": "opt-in",
      "date": "2018-06-12T17:36:65Z"
    },
    "partner-ads": {
      "granted": false,
      "consentType": "opt-in",
      "date": "2018-06-12T17:36:65Z"
    }
  }
}